SVP Cybersecurity

Our GCIO organisation plays a critical role for the bank. This team partners with the businesses to build the platforms, systems, and products that our customers use every day. We keep people's money and data safe and are at the forefront of driving innovation for our businesses, customers, and colleagues. Within GCIO, our cybersecurity team designs, implements, and operates controls to manage risk. This team provides local inputs to define our group cyber security standards, oversee the security of our network, applications, and infrastructure, provide round-the-clock monitoring and security incident response services.

People responsibility: N

Report to: Chief Information Security Officer (CISO)

Role Purpose -The role is responsible for operating as part of a global/regional team within Cybersecurity to define and implement an industry-leading Cybersecurity Service that supersedes our constantly changing information security threats. -The key responsibilities include managing Governance & Reporting, Information Security Risk and Remediation, Secure Business Transformation, Compliance to local legal entity regulations. -The role is a key point of contact for managing Information and Cybersecurity risks and controls (including cyber owned and non-cyber owned controls), relating to their governance, operation, monitoring and reporting.

Job Content
In this role, you will:

• Protect the bank via proactive Cybersecurity risk reduction actions.
• Make Informed and educated risk decisions, balancing commercial / financial institutionrisk vs reward security decisions.
• Drive sustainable growth and develop Cybersecurity awareness, engaging with colleaguesacross the functions and businesses departments to deliver sustainable Cybersecurity solutions.
• Leads and facilitates change through effective communication, preparation, and implementation.
• Work with key stakeholders (IT and business) to proactively drive the reduction in Cybersecurity risks and to improve the security risk posture of HSBC within the businessrisk appetite.

Experience / Skills

• Educated to degree level, within IT (Cybersecurity specialist). Industry qualifications (CISSP, CISA, CISM).
• Regulatory engagement, experience in dealing with compliance matters, and regulatoryliaison and knowledge on Asia Pacific regulatory requirements, and in-depth knowledge onTaiwan regulatory requirements.
• Ability to build strong relationships and communicate on complex Cybersecurity issues with a wide spectrum of stakeholders across local, regional, and global levels.
• Positive and professional attitude, team player, flexible and adaptable, open to change(s);good spoken and written English and Chinese communication, and ability to adapt style based on audience.
• Comprehensive understanding of banking and security in context of wider industry trendsand direction, along with understanding of business finance and experience of effective management of budgets and expenditure.
• GPAD (Group Personal Account Dealing) Covered.
• To be fulfilled after onboarding: 每年⾄少應接受⼗五⼩時以上資訊安全專業課程訓練或職能訓練

※ Applicants passing resume screening will be notified for interview and next steps. There will be no further notification or message for applicants either not qualifying for or not being selected for the position applied.